Cisco Exam 300-215 Topic 3 Question 80 Discussion

Actual exam question for Cisco's 300-215 exam

Question #: 80
Topic #: 3

An engineer received a call to assist with an ongoing DDoS attack. The Apache server is being targeted, and availability is compromised. Which step should be taken to identify the origin of the threat?

AAn engineer should check the list of usernames currently logged in by running the command $ who | cut -- d' ' -f1| sort | uniq

BAn engineer should check the server's processes by running commands ps -aux and sudo ps -a.

CAn engineer should check the services on the machine by running the command service -status-all.

DAn engineer should check the last hundred entries of a web server with the command sudo tail -100 /var/ log/apache2/access.log.

Show Suggested Answer

Suggested Answer: B

by Leonora at Jul 10, 2024, 07:08 AM

Limited Time Offer

25%

Off

Get Premium 300-215 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Anika

30 days ago

I'm just glad I didn't try to fix this by turning it off and on again. That's the IT version of 'thoughts and prayers'.

upvoted 0 times

...

Thomasena

1 months ago

Bingo! Checking the Apache access logs is the way to go. I bet we'll find some juicy information there.

upvoted 0 times

...

Vicente

1 months ago

Hmm, I'm not sure checking the service status will really help us identify the origin of the DDoS attack. We need to dig deeper into the server logs.

upvoted 0 times

Mattie

2 days ago

I agree, we need to analyze the server logs to track down the source of the attack.

upvoted 0 times

...

Armando

8 days ago

D) An engineer should check the last hundred entries of a web server with the command sudo tail -100 /var/ log/apache2/access.log.

upvoted 0 times

...

Gracia

16 days ago

B) An engineer should check the server's processes by running commands ps -aux and sudo ps -a.

upvoted 0 times

...

Susy

18 days ago

A) An engineer should check the list of usernames currently logged in by running the command $ who | cut -- d' ' -f1| sort | uniq

upvoted 0 times

...

Beata

1 months ago

Yes, checking the server processes is a great idea! That should give us some clues about what's causing the issue.

upvoted 0 times

Oliva

17 days ago

Engineer 1: Let's check the server processes by running ps -aux and sudo ps -a.

upvoted 0 times

...

Rosenda

2 months ago

I think checking the list of logged-in usernames is a bit overkill for a DDoS attack. Let's focus on the server processes and logs instead.

upvoted 0 times

Timothy

17 hours ago

I agree, focusing on server processes and logs is more relevant for identifying the origin of the DDoS attack.

upvoted 0 times

...

Carmelina

2 days ago

B) An engineer should check the last hundred entries of a web server with the command sudo tail -100 /var/ log/apache2/access.log.

upvoted 0 times

...

Hollis

16 days ago

B) An engineer should check the last hundred entries of a web server with the command sudo tail -100 /var/ log/apache2/access.log.

upvoted 0 times

...

Noah

20 days ago

A) An engineer should check the server's processes by running commands ps -aux and sudo ps -a.

upvoted 0 times

...

Alyce

25 days ago

A) An engineer should check the server's processes by running commands ps -aux and sudo ps -a.

upvoted 0 times

...

Chantell

2 months ago

That's a good point, Ricarda. It's important to consider all options before making a decision.

upvoted 0 times

...

Ricarda

2 months ago

I disagree, I believe option B is more effective. Checking the server's processes can give us insight into any suspicious activity.

upvoted 0 times

...

Chantell

2 months ago

I think option D is the best choice. Checking the last hundred entries of the web server can help identify the source of the attack.

upvoted 0 times

...

Alaine

2 months ago

I'm not sure, but I think option B could also be useful. Checking the server's processes might give us some clues about the attack.

upvoted 0 times

...

Sherman

2 months ago

I agree with Geoffrey. Option D seems like the most effective way to track down the source of the DDoS attack.

upvoted 0 times

...

Geoffrey

2 months ago

I think option D is the best choice. Checking the last hundred entries of the web server can help identify the origin of the threat.

upvoted 0 times

...